<?php
    require 'common.php';
    
    $db = new Database();
    $user = getUser($db);
    
    // Error check
    if($user['group'] < 2) {
        redirect('login.php');
        exit();
    }
    if(!isset($_GET['id']))
        throw new Exception('Bad request.');
    
    // Get the user
    $result = $db->query('SELECT name, real_name, group_id FROM '.
        config('DB_PREFIX').'users WHERE id='.intval($_GET['id']));
    if(mysqli_num_rows($result) < 1)
        throw new Exception('No such user.');
    $userdata = mysqli_fetch_assoc($result);
    
    $page = new HtmlPage();
    $page->writeHeader(lang('EDITUSER_PAGENAME'));
    $page->writeTitle();
    $page->writeMenu('EDITUSER', $user);
    $page->write('<div class="content">', PUSH_TAB);
    
    $page->write('<h2>'.lang('EDITUSER_PAGENAME').'</h2>');
    $page->write('<form action="doupdateuser.php" method="post">', PUSH_TAB);
    $page->write(getCsrfGuard());
    $page->write('<input type="hidden" name="id" value="'.intval($_GET['id']).'" />');
    $page->write('<fieldset>', PUSH_TAB);
    $page->write('<legend>'.lang('EDITUSER_PAGENAME').'</legend>');
    $page->write('<div class="formentry"><label><span>'.lang('USERNAME').' :</span><input type="text" name="user" value="'.htmlEscape($userdata['name']).'"/></label></div>');
    $page->write('<div class="formentry"><label><span>'.lang('PASSWORD').' :</span><input type="text" name="password" /> ('.lang('PASSWORD_LEAVE_EMPTY').') </label></div>');
    $page->write('<div class="formentry"><label><span>'.lang('REALNAME').' :</span><input type="text" name="realname" value="'.htmlEscape($userdata['real_name']).'"/></label></div>');
    $page->write('<div class="formentry"><label><span>'.lang('GROUP').' :</span><select name="group">', PUSH_TAB);
    if($userdata['group_id'] == 1)
        $page->write('<option value="1" selected="selected">'.lang('GROUP_USER').'</option>');
    else
        $page->write('<option value="1">'.lang('GROUP_USER').'</option>');
    if($userdata['group_id'] == 2)
        $page->write('<option value="2" selected="selected">'.lang('GROUP_ADMIN').'</option>');
    else
        $page->write('<option value="2">'.lang('GROUP_ADMIN').'</option>');

    $page->write('</select></div>', POP_TAB);
    $page->write('</fieldset>', POP_TAB);
    $page->write('<input type="submit" value="'.lang('SAVE').'" />');
    $page->write('</form>', POP_TAB);
    $page->write('</div>', POP_TAB);
    $page->writeFooter();
?>